Re: How to shorten output of a hash function?

---

• From: Unruh <unruh-spam@xxxxxxxxxxxxxx>
• Date: Sat, 23 Aug 2008 18:55:45 GMT

---

Phil Carmody <thefatphil_demunged@xxxxxxxxxxx> writes:

Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx> writes:

Phil Carmody <thefatphil_demunged@xxxxxxxxxxx> wrote:

If it doesn't appear to be a PRF it's not a hash, IMHO.

That opinion is wrong. Sorry.

(Ok, I'll explain: VSH is clearly a hash function. Chaum-van
Heijst-Pfitzmann as well. Neither look very much like random
functions.)

I've got to admit that, on princple, I don't like the idea of
anything which has a <<O(2^(n/2)) work factor to find collisions
for an n-bit hash to be worthy of the title 'n-bit hash'.

hashes were invented for very different purposes than crypto. There are
many hashes which are not cryptographic and which can easily be broken, but
are extermely useful. I would agree that a cryptographic hash should look a
lot like a random function. However, one migh imagine padding a hash (eg
the DES hash) to bring it up to some length. (eg the DES based hash in the
unix password is 13 bytes, but only has a strength of 56 bits, which is 7
bytes. )

Very Sub-exponential Hash, I think you'll find...

What is a sub-exponential hash?

Phil
--
The fact that a believer is happier than a sceptic is no more to the
point than the fact that a drunken man is happier than a sober one.
The happiness of credulity is a cheap and dangerous quality.
-- George Bernard Shaw (1856-1950), Preface to Androcles and the Lion

.

---

• References:
  • How to shorten output of a hash function?
    • From: Guenther Starnberger
  • Re: How to shorten output of a hash function?
    • From: Kristian Gjøsteen
  • Re: How to shorten output of a hash function?
    • From: Phil Carmody
  • Re: How to shorten output of a hash function?
    • From: Kristian Gjøsteen
  • Re: How to shorten output of a hash function?
    • From: Phil Carmody

• Prev by Date: Re: How to shorten output of a hash function?
• Next by Date: Re: How to shorten output of a hash function?
• Previous by thread: Re: How to shorten output of a hash function?
• Next by thread: Re: How to shorten output of a hash function?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Potential DoS on Bittorrent ... >to the suggestion that anyone who chooses a crypto hash for data integrity ... hash is good choice for a total message integrity check. ... crypto hashes exhibit more graceful degradation in case ... hash functions defined by taking the remainder modulo a composite does ... (sci.crypt) Re: bootstrapping a secure channel ... if you are trying to verify a cryptographic parameter ... Let's say I have a crypto system and in order to break it you have to ... but requiring still makes it twice as hard ... If I had required the attackers of the SHA-0 hash to get all three (A, ... (sci.crypt) Re: Fast 32-bit Hash ... > one of those found with 100% certainty). ... CRC's are almost the ideal hash, ... Surely we would not put a 16-bit CRC into a new ... Crypto Glossary http://www.ciphersbyritter.com/GLOSSARY.HTM ... (sci.crypt) Re: Sony unveils next generation hash function ... Some programmer took a night school course on crypto and felt he could ... Technology) invited entries for the "SHA-3 competition," a selection ... process for next generation cryptographic hash functions. ... candidates, ... (sci.crypt) Crypto Update for 2.6.27 ... Here is the crypto update for 2.6.27: ... The biggest change is the introduction of the new hash interface ... of new hardware support and a lot of hifn fixes. ... (Linux-Kernel)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > sci.crypt  > 2008-08